Tag Archives: Security and Compliance

Google Workspace Updates Weekly Recap – August 19, 2022

New updates 


There are no new updates to share this week. Please see below for a recap of published announcements. 


Previous announcements


The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.



Improved quality and performance for Google Meet effects on the web 
Background effects are now more accurate for Google Meet users on the web. This allows you to experience more accurate background blur, background replace, and immersive background and styles. | Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus customers, and Workspace Individual users on eligible devices in eligible countries (Northern America, Europe, Northern Africa, Central Asia, Southeastern Asia). Visit the Help Center to learn more about availability. | Learn more

More control over accessibility preferences in Docs, Sheets, Slides, and Drawings 
You’re now able to set preferences for Docs, Sheets, Slides, and Drawings individually, rather than having the same accessibility settings apply across these products. | Learn more

Updated user interface for managing email quarantines 
In the coming weeks, you will see a new user interface when using the email quarantine tool. This brings the email quarantine experience inline with other tools in the Admin console, making it more intuitive to navigate and use. | Learn more

See how much noise is being removed during Google Meet video calls 
Google Meet can now remove background noises such as typing, construction sounds, or background chatter. | Available to Google Workspace Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Plus, and Workspace Individual customers only. | Learn more

Conveniently connect site visitors with social channels in new Sites 
Site editors can now insert stylized social media links into pages within their site, enabling you to more conveniently connect site visitors with additional information and content on your social channels. | Learn more

Enhancements to the “Frame people” feature on Google Meet hardware devices 
We’ve introduced two enhancements on Google Meet hardware devices for the “Frame people” feature: 
  • The “Frame people” feature is now more easily discoverable and can be accessed in a meeting from the touch panel in fewer steps. 
  • A solution to a recent bug impacting the auto framing capability for some Google Meet hardware devices. The auto framing functionality has been restored to impacted devices with improved reliability and performance. 
Available to all supported Google Meet hardware devices that have not yet reached their auto-update expiration date. | Learn more

New color categorization in Calendar to better understand how you’re spending your time 
You can now categorize your time by naming and assigning a corresponding color label to an event within Time Insights in Calendar. | Available to Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Plus and Nonprofits customers only. | Learn more

Easily assign Tasks from Google Docs 
In Google Docs, you can now assign a checklist item to yourself or a colleague that will then show up in the assignee’s Tasks list. | Learn more


For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).

Updated user interface for managing email quarantines

Quick summary 

In the coming weeks, you will see a new user interface when using the email quarantine tool. This update will bring the email quarantine experience inline with other tools in the Admin console, making it more intuitive to navigate and use. Quarantines help minimize data loss, protect confidential information, and manage message attachments. 


Some improvements you’ll notice are: 
  • A collapsible side panel for filtering quarantines 
  • A paginated table view displaying quarantines with custom names row by row 
  • The option to view the original, raw content of a selected message for easier referencing. 

Quarantines with custom names are displayed row by row


Original, raw content can be viewed for each quarantine



Getting started 

  • Admins: The admin quarantine can be found in the Admin console at Apps > Google Workspace > Gmail > Manage Quarantines. Visit the Help Center to learn more. Visit the Help Center to learn more. 
  • End users: There is no end user impact. 

Rollout pace 


Availability 

  • Available to all Google Workspace editions, as well as legacy G Suite Basic and Business customers 

Resources 



Google Workspace Updates Weekly Recap – August 12, 2022

New updates

Unless otherwise indicated, the features below are fully launched or in the process of rolling out (rollouts should take no more than 15 business days to complete), launching to both Rapid and Scheduled Release at the same time (if not, each stage of rollout should take no more than 15 business days to complete), and available to all Google Workspace and G Suite customers. 


Delegate access to a shared inbox using a group address 
You can now give an entire Google Group access to your Gmail account through mail delegation. With this feature, delegated users can read, send, and delete messages on the account owner's behalf. We hope this will enable teams to more effectively process incoming requests and tasks via a single shared email address. | Available to Business Starter, Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, Nonprofits, and legacy G Suite Basic and Business customers only. | Learn more


Granular controls for app allowlisting in the Google Workspace Marketplace 
Admins can now choose which Google Workspace Marketplace apps are available to be installed by users in a particular department (OU) or group by managing Marketplace apps on their allowlist. Previously, admins could only manage the allowlist for an entire domain. Additionally, the Marketplace apps access settings, Allow all apps, Allow selected apps, and Block all apps, can now be set for your entire organization or for an OU or group. This new functionality provides a solution when only a subset of domain users need permissions to install certain Marketplace apps. Examples include Chat apps required for your Engineering organization and IT security group or Classroom add-ons required for high-school teachers. | Available to Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, Nonprofits, and legacy G Suite Basic and Business customers only. | Learn more


Seamlessly delete subsets of Sites 
Site editors can now delete a page with subpages and delete pages that were copied into another site during a partial site copy. | Roll out to Rapid Release began August 8, 2022; launch to Scheduled Release planned for August 29, 2022. | Learn more



Previous announcements 

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Office Building support for Working Locations 
We’ve added the ability to select a specific office building as your working location. | Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Nonprofits, and legacy G Suite Business customers only. | Learn more


Improving data privacy with Client-side encryption for Google Meet 
We’ve added Workspace Client-side encryption to Google Meet, giving customers increased control over their data. | Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers hosting client-side encrypted calls only. | Learn more


Stronger protection for sensitive Google Workspace account actions 
There are now stronger safeguards for sensitive actions taken in your Google Workspace account. These apply to actions that, when done by hijackers, can have far reaching consequences for the account owner or the organization it belongs to. | Learn more


The Google Meet and Google Duo app icons are changing, additional information for Google Workspace users 
As part of the announcement that we are upgrading the Duo experience to include all Google Meet features, users will now begin to see their app name and icon update to Google Meet. | Learn more


Better location context for events and RSVPs in Calendar 
We’ve made it even easier to use RSVPs in Google Calendar and let others know how you’re planning to join a meeting. | Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Education Standard, Teaching & Learning Upgrade, Nonprofits, and legacy G Suite Business customers only. | Learn more


Improved notifications when editing Microsoft Office files in Docs, Sheets, and Slides 
We’ve rolled out a series of improvements to the notifications you see when editing a Microsoft Office-formatted file with Office editing mode. | Learn more


Unified experience for Gmail logs in BigQuery, configure your existing Gmail logs to route to Workspace logs 
In the coming months, we will move the location of the existing Gmail logs in BigQuery to Google Workspace logs and reports in BigQuery. | Available to Google Workspace Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Plus, Education Standard customers only. | Learn more


Google Meet call control for USB peripheral devices
We've introduced additional call control for Google Meet which will allow you to toggle between mute and unmute using headsets, speaker microphones, and other USB peripheral devices. | Learn more


Control visibility of admin alerts with admin role privileges
There is a new control that allows super admins to create a custom rule which ensures only admins with the DLP privilege can see DLP alerts. | Learn more.


For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).

Google Workspace Updates Weekly Recap – August 12, 2022

New updates

Unless otherwise indicated, the features below are fully launched or in the process of rolling out (rollouts should take no more than 15 business days to complete), launching to both Rapid and Scheduled Release at the same time (if not, each stage of rollout should take no more than 15 business days to complete), and available to all Google Workspace and G Suite customers. 


Delegate access to a shared inbox using a group address 
You can now give an entire Google Group access to your Gmail account through mail delegation. With this feature, delegated users can read, send, and delete messages on the account owner's behalf. We hope this will enable teams to more effectively process incoming requests and tasks via a single shared email address. | Available to Business Starter, Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, Nonprofits, and legacy G Suite Basic and Business customers only. | Learn more


Granular controls for app allowlisting in the Google Workspace Marketplace 
Admins can now choose which Google Workspace Marketplace apps are available to be installed by users in a particular department (OU) or group by managing Marketplace apps on their allowlist. Previously, admins could only manage the allowlist for an entire domain. Additionally, the Marketplace apps access settings, Allow all apps, Allow selected apps, and Block all apps, can now be set for your entire organization or for an OU or group. This new functionality provides a solution when only a subset of domain users need permissions to install certain Marketplace apps. Examples include Chat apps required for your Engineering organization and IT security group or Classroom add-ons required for high-school teachers. | Available to Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, Nonprofits, and legacy G Suite Basic and Business customers only. | Learn more


Seamlessly delete subsets of Sites 
Site editors can now delete a page with subpages and delete pages that were copied into another site during a partial site copy. | Roll out to Rapid Release began August 8, 2022; launch to Scheduled Release planned for August 29, 2022. | Learn more



Previous announcements 

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Office Building support for Working Locations 
We’ve added the ability to select a specific office building as your working location. | Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Nonprofits, and legacy G Suite Business customers only. | Learn more


Improving data privacy with Client-side encryption for Google Meet 
We’ve added Workspace Client-side encryption to Google Meet, giving customers increased control over their data. | Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers hosting client-side encrypted calls only. | Learn more


Stronger protection for sensitive Google Workspace account actions 
There are now stronger safeguards for sensitive actions taken in your Google Workspace account. These apply to actions that, when done by hijackers, can have far reaching consequences for the account owner or the organization it belongs to. | Learn more


The Google Meet and Google Duo app icons are changing, additional information for Google Workspace users 
As part of the announcement that we are upgrading the Duo experience to include all Google Meet features, users will now begin to see their app name and icon update to Google Meet. | Learn more


Better location context for events and RSVPs in Calendar 
We’ve made it even easier to use RSVPs in Google Calendar and let others know how you’re planning to join a meeting. | Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Education Standard, Teaching & Learning Upgrade, Nonprofits, and legacy G Suite Business customers only. | Learn more


Improved notifications when editing Microsoft Office files in Docs, Sheets, and Slides 
We’ve rolled out a series of improvements to the notifications you see when editing a Microsoft Office-formatted file with Office editing mode. | Learn more


Unified experience for Gmail logs in BigQuery, configure your existing Gmail logs to route to Workspace logs 
In the coming months, we will move the location of the existing Gmail logs in BigQuery to Google Workspace logs and reports in BigQuery. | Available to Google Workspace Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Plus, Education Standard customers only. | Learn more


Google Meet call control for USB peripheral devices
We've introduced additional call control for Google Meet which will allow you to toggle between mute and unmute using headsets, speaker microphones, and other USB peripheral devices. | Learn more


Control visibility of admin alerts with admin role privileges
There is a new control that allows super admins to create a custom rule which ensures only admins with the DLP privilege can see DLP alerts. | Learn more.


For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).

Control visibility of admin alerts with admin role privileges

What’s changing 

We’re introducing a new control that allows super admins to create a custom rule which ensures only admins with the DLP privilege can see DLP alerts. Previously, DLP alerts were visible to all admins — this change helps ensure the right people have access to list, update, or delete alerts. Further, this cuts down on the visibility of alerts that aren’t relevant to specific admins. 



Getting started 


Rollout pace 

  • This feature is available now for all users. Availability Available to all Google Workspace customers, as well as legacy G Suite Basic and Business customers 

Resources 

Stronger protection for sensitive Google Workspace account actions

What’s changing 

We’re introducing stronger safeguards for sensitive actions taken in your Google Workspace account. These apply to actions that, when done by hijackers, can have far reaching consequences for the account owner or the organization it belongs to. 


Google will evaluate the session attempting the action, and if it’s deemed risky, it will be challenged with a “Verify it’s You” prompt. Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action. For example, if a malicious actor gains access to your account and attempts to change the name on your account, the action will be blocked until the true account owner can verify that this was intentional. 


Note that this feature only supports users that use Google as their identity provider and actions taken within Google products. SAML users are not supported at this time. See below for more information. 



Who’s impacted 

Admins and end users 


Why it matters 

This added layer of security helps to intercept bad actors who have gained access to a user's account, further protecting their data and your organization's sensitive information. Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation. 

Additional details 

In the Admin console under Users > “UserName” > Security, admins can toggle login challenges OFF for ten minutes if a user gets stuck behind a "verify it's you prompt". We strongly recommend only using this option if contact with the user is credibly established, such as via a video call. 

Getting started 


Rollout pace 


Availability 

  • Available to all Google Workspace customers, as well as legacy G Suite Basic and Business customers 

Resources 

Improving data privacy with Client-side encryption for Google Meet

What’s changing 

We are adding Workspace Client-side encryption to Google Meet, giving customers increased control over their data. Meet already encrypts all of your data at rest and in transit between our facilities — client-side encryption gives users direct control of their encryption keys and the identity service that they choose to authenticate for those keys. Additionally, this guarantees that Google cannot access audio and video content under any circumstances and helps you meet regulatory compliance in many regions. 


Bringing Client-side encryption to Meet is another significant milestone in Google Workspace’s industry-leading encryption work, offering our users the highest degree of protection and control over their data. 


Workspace Client-side encryption for Meet will be available first on the web, with support for meeting rooms and mobile devices coming later. 


Important note: At this stage, only participants within your Workspace organization can be invited to client-side encrypted calls — guest access will be introduced in the future. 


Why it’s important 

Client-side encryption uses keys supplied by the customer to add another layer of encryption to video and audio, in addition to using the default encryption that Google Meet provides. This is used for calls that need an extra level of confidentiality and makes the media indecipherable even to Google. Those could be calls regarding sensitive intellectual property or when required for compliance in highly regulated industries. 


Additional details 

Notes about using client-side encryption: 
  • The organizer needs to join for the call to start when client-side encryption is turned on. If participants join early, they will need to wait for the organizer to join before communicating with others. 
  • Some functions that require server-side processing or parsing of call media will not work, e.g. cloud-based noise cancellation or closed captions. 
  • Client-side encryption does not support dialing-in/out 

Getting started 

  • Admins: An administrator needs to configure how Meet connects to a key service and identity provider before turning on client-side encryption for users. Learn more about configuring Client-side encryption here
  • End users: 
    • Organizing calls: 
      • In a calendar event with Meet video conferencing, navigate to Settings (cog-wheel icon) > Security and select “Add encryption”
      • Note: All participants must be invited to the call, either via the Calendar event or within the meeting. 
    • Participating in calls: 
      • Client-side encrypted meetings will start once the meeting organizer arrives — there are no other restrictions or changes for meeting participants. 

Rollout pace 

  • Users on supported Google Workspace editions can create Client-side encrypted calls. 

Availability 

  • Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers hosting client-side encrypted calls 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, The Teaching and Learning Upgrade, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers 

Resources 

Assignments audit data now available in the Admin console

Quick summary 

Google Workspace for Education admins can now view Assignments data in their audit logs. Using this data, admins can find and act on Assignments related events such as who removed a student from a video call, when assignment files were created or submitted, and more. 



Getting started 

  • Admins: Audit logs can be found in the Admin console under Reporting > Audit > Investigation > Admin log events. Visit the Help Center to learn more about Admin log events
  • End users: There is no end user impact 



Rollout pace 


Availability 


  • Available to Google Workspace Education Fundamentals, Education Plus, Education Standard, and the Teaching and Learning upgrade. 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers. 

Resources 

Migrate unmanaged accounts to your domain using new “UserInvitation” API functionality

What’s changing 

We’re introducing new API functionality which allows you to automate the process of finding conflicting accounts and inviting them to join your organization. 


Who’s impacted 

Admins, end users, and developers 


Why you’d use it 

When employees create a Google account using one of your organization’s domains to access Google services, this is known as an unmanaged account. Unmanaged accounts are not ideal for managing users and keeping their work data secure. 


Additionally, should an admin try to create a managed account with the same name, this conflict will prevent a managed account from being created. Using the UserInvitation API functionality, you can send a request to convert their personal account to a Google Workspace account. 


While the same action can be manually performed with the Transfer Tool, the API allows conflicting accounts to be identified and remediated programmatically, using logic that best suits your needs.


Getting started 

  • Admins and Developers: 
  • End users: 
    • If you accept the request from your admin to transfer their account, your admin will be granted access to their data and the ability to manage your account. 
    • If you don’t accept the invitation, you will have to rename your account. Your administrator can create a new, managed account for you. 

Rollout pace 


Availability 

  • Available to Google Workspace Business Starter, Business Standard, Business Plus, Enterprise Standard, Enterprise, Cloud Identity Premium and Cloud Identity Free customers 
  • Not available to Google Workspace Essentials,, Enterprise Essentials, Education Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers 

Resources 

Google Workspace Updates Weekly Recap – July 22, 2022

New updates

Unless otherwise indicated, the features below are fully launched or in the process of rolling out (rollouts should take no more than 15 business days to complete), launching to both Rapid and Scheduled Release at the same time (if not, each stage of rollout should take no more than 15 business days to complete), and available to all Google Workspace and G Suite customers. 


Rollout improvements for future Google Chat launches 
Going forward, all major user-facing feature changes and improvements to Google Chat will follow a rollout schedule in which accounts under Rapid Release will see new features first, followed by accounts under the default setting of Scheduled Release, at least 1 week later. We hope this change makes it easier for you to plan for new Google Chat updates. As a reminder, Admins can choose which release track they want their accounts to follow. | Learn more

Series One Desk 27 now in production 
In September 2021, we announced Series One Desk 27, a premium all-in-one touchscreen Google Meet collaboration device. These devices are now in production and will be available for shipping soon. Contact Avocor for more information on ordering the Series One devices. | Learn more


Previous announcements 

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Making Google Chat active user metrics more detailed in the Admin console 
We’ve rolled out a new method for calculating active users in Google Chat across your organization that ensures greater accuracy for detecting a user's reading and sending actions in Chat. This will provide admins more accurate reporting. | Learn more

Control access to experimental Google Workspace apps with a new admin setting 
Admins can use the new Experimental Apps Control setting to grant or deny their users access to emerging or experimental Google applications and whether those applications can access core service data. | Learn more

Building larger spaces in Google Chat 
We've increased the amount of members you can add to a space in Google Chat from 400 to 8,000. | Learn more

Stay on top of changes to document content with edit notifications 
In Google Docs, you can now choose to receive email notifications for document changes on a per file basis. Edit notification emails detail what changes were made, when the changes were made, and who made them. | Learn more.

Allow Google Meet participants to ask questions or respond to polls anonymously 
In Google Meet, meeting participants will now have the option to ask questions or participate in polls anonymously. | Q&A is available to Google Workspace Essentials, Business Standard, Business Plus, Enterprise Starter, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Teaching and Learning Upgrade, Education Plus and Nonprofits, as well as legacy G Suite Business customers only. | Polls are available to Google Workspace Essentials, Business Standard, Business Plus, Enterprise Starter, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Teaching and Learning Upgrade, Education Plus and Nonprofits, as well as legacy G Suite Business customers and Google Workspace Individual users only. | Learn more

Delete Chat spaces and their content, now generally available 
You can now delete a named space in Google Chat. With this capability, a space manager can delete a space, which completely removes all owned contents of the space, space tasks, and files and attachments not saved elsewhere. | Learn more

Prevent spam by adding invitations from known senders only to your calendar 
You can now select an option to display events on your calendar only if they come from a sender you know to help keep your Calendar free from spam. | Learn more

Live stream Google Meet events via YouTube 
Google Workspace users can live stream meetings publicly via YouTube. |Available to Google Workspace Enterprise Starter, Enterprise Standard, Enterprise Plus, Education Plus, Teaching and Learning Upgrade customers only and Google One Premium plan members in select countries. | Learn more

Easily access your most used emojis in Google Chat 
In the Google Chat emoji picker, your most frequently used emojis can be found under the new “Frequently Used” section | Learn more

Programmatically manage and apply Drive Labels using new API functionality 
Developers can now programmatically manage labels at scale via Drive APIs. In addition to supporting the ability to read Drive Label taxonomies, new functionality in the Drive API can be used to apply labels, set fields on files, and find files by label metadata. | Available to Google Workspace Essentials, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Plus, Education Standard, and Nonprofits customers only. | Learn more

For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).